JIRA Core, JIRA Software and JIRA Service Desk Server and Data Center GDPR support guides
We've created this set of support guides to help you with any GDPR-specific obligations that you may have. The guides are designed to identify where personal data may be located within the product, and, where possible, assist with responding to data subject access requests, including in modifying, restricting or deleting data.
Where a workaround involves running SQL scripts directly on your database, we strongly recommend you do this first on a non-production, staging or test environment before running the scripts on your production database. We also strongly recommend you take a backup of your data before making any modifications via SQL scripts.
- JIRA: Automated individual decision-making, including profiling
- JIRA: Communication of personal data breaches
- JIRA: Data protection by design and by default
- JIRA: Records of processing activities
- JIRA: Right of access by the data subject
- JIRA: Right to data portability
- JIRA: Right to erasure
- JIRA: Right to object
- JIRA: Right to rectification
- JIRA: Right to restriction of processing
- JIRA: Security of processing
- JIRA: Transfers of personal data to third countries or international organisations
Anonymizing users in Jira
Since writing these support guides, we've created a way to anonymize users directly in Jira, which is available in Jira Core and Jira Software 8.7 and later, and Jira Service Desk 4.7 and later. By anonymizing users, you can hide or delete any personal data that can identify them, including names, usernames, avatars, free-text personal data, and any occurrences of those around Jira (some limitations apply). For more information on what the user anonymization looks like and what exactly gets anonymized, see Anonymizing users.